When a new/unknown MS performs an ATTACH REQUEST for the first time, it is authenticated.

However, if that same MS later performs a second ATTACH REQUEST, even with new P-TMSI/TLLI, it is not authenticated and we simply send an ATTACH ACCEPT. This is a security problem, as it means anyone can impersonate other known-existing IMSIs.

The test is failing again, even under the new FSM.The HLR integration into the test must be rewritten.

At the moment, the TTCN test case SGSN_Tests.TC_attach_second_attempt still fails, but this is fails, because thesecond attach does not proceed, because TTCN explicit expect to see an Insert Subscriber Data Request.This request will be never sent from the SGSN, because it has still valid key data.